Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-48792 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option. | 9.8 |
| 2024-02-02 | CVE-2023-48793 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature. | 9.8 |
| 2024-01-31 | CVE-2022-47072 | SQL Injection vulnerability in Sparxsystems Enterprise Architect 16.0.1605 SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box.. | 9.8 |
| 2024-01-30 | CVE-2024-1061 | SQL Injection vulnerability in Bplugins Html5 Video Player The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_view' function. | 9.8 |
| 2024-01-29 | CVE-2024-24139 | SQL Injection vulnerability in Remyandrade Login System With Email Verification 1.0 Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' parameter. | 7.2 |
| 2024-01-29 | CVE-2024-24140 | SQL Injection vulnerability in Remyandrade Daily Habit Tracker 1.0 Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' | 7.2 |
| 2024-01-29 | CVE-2024-24141 | SQL Injection vulnerability in Remyandrade School Task Manager 1.0 Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter. | 9.8 |
| 2024-01-29 | CVE-2024-1009 | SQL Injection vulnerability in Employee Management System Project Employee Management System 1.0 A vulnerability was found in SourceCodester Employee Management System 1.0. | 9.8 |
| 2024-01-23 | CVE-2023-51210 | SQL Injection vulnerability in Webkul Bundle Product 6.0.1 SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a remote attacker to execute arbitrary code via the id_product parameters in the UpdateProductQuantity function. | 9.8 |
| 2024-01-22 | CVE-2023-48118 | SQL Injection vulnerability in Quest-Analytics Iqcrm 2023.9.5 SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted request to the Common.svc WSDL page. | 9.8 |